From 5fca582bbeaaca2bb1327e0f02f2afeaed19ee69 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 7 Feb 2017 14:19:57 -0500 Subject: [PATCH] add consideration of URI vs URL vs Pathname --- README.md | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/README.md b/README.md index 0c1237e..5eda2ef 100644 --- a/README.md +++ b/README.md @@ -13,3 +13,29 @@ URL generation: * `implicitGrant` * `loginCode` * `resourceOwnerPassword` + +URI vs URL +---------- + +See + +Since we do not require the `protocol` to be specified, it is a URI + +However, we do have a problem of disambiguation since a URI may look like a `path`: + +1. https://example.com/api/org.oauth3.provider +2. example.com/api/org.oauth.provider/ (not unique) +3. /api/org.oauth3.provider +4. api/org.oauth3.provider (not unique) + +Therefore anywhere a URI or a Path could be used, the URI must be a URL. +We eliminate #2. + +As a general rule I don't like rules that sometimes apply and sometimes don't, +so I may need to rethink this. However, there are cases where including the protocol +can be very ugly and confusing and we definitely need to allow relative paths. + +A potential work-around would be to assume all paths are relative (elimitate #4 instead) +and have the path always key off of the base URL - if oauth3 directives are to be found at +https://example.com/username/.well-known/oauth3/directives.json then /api/whatever would refer +to https://example.com/username/api/whatever.